OT Glossary
Not sure what a term or acronym means? You’re in the right place. This glossary is your go-to guide for understanding the key terms and acronyms used in OT cybersecurity. Whether it's a protocol, standard, or security concept, we’ve broken it down to help make your training smoother and more approachable. Looking for a term we don't have? Let us know!
L |
---|
Legacy system: Any older computer or control system that remains in use despite its age, often because it still does its job, but which typically has outdated hardware or software. In OT, legacy systems are very common, including Windows NT or XP machines running HMI software, or a PLC from the 1990s that’s still controlling a boiler. These systems often cannot be easily patched or may not support modern security, making them vulnerable. But replacing them can be expensive or risky to operations. So, they live on, sometimes isolated or wrapped in additional protective controls. A legacy ICS component might use old protocols, have serial interfaces, or run an OS long out of support, posing a security and maintenance challenge. |
Level 0/1/2/3/4/5: Shorthand for the levels of the Purdue Model (see “Purdue Model”). In Purdue (which defines a reference architecture for ICS networks), Level 0 is the physical process (sensors/actuators), Level 1 is basic control (the controllers like PLCs), Level 2 is area supervisory control (HMIs, local supervision), Level 3 is site operations (plant SCADA servers, historians, engineering workstations), and Levels 4-5 are IT systems. People often refer to “Level 1 devices” (meaning the controllers) or “Level 3 network” (meaning the control network zone with servers). It’s basically a way to delineate where a device sits in the hierarchy from physical process up to business network. |
LOPA (Layer of protection analysis): A risk assessment method used in process safety to evaluate whether there are sufficient independent protection layers to mitigate hazards. Each “layer” could be a safety instrumented function, an alarm with operator action, a relief device, etc. The analysis calculates the risk reduction and whether it meets tolerable levels. In an OT context, you might hear this in relation to SIS design. LOPA results help determine what Safety Integrity Level (SIL) a safety function needs. It’s not directly a cybersecurity term, but as with HAZOP, it’s part of the safety-minded culture in industrial operations. (And conceptually, you can think of defense-in-depth in security as a kind of layered protection, like the one LOPA aims for in safety.) |